Nginx doesn't seem to support explcit intermedate cert chains [0] and we
need to supply all of the certs together in a single file. Thankfully
acme.sh does this and calls it the fullchain.cer file. Use that in the
nginx config for graphite to fix issues with ssl verification to this
service.
[0] http://nginx.org/en/docs/http/configuring_https_servers.html#chains
Change-Id: I318fb92a30c1593c2a2e4cb37496b16f17472f1d
Add the cron job that existed in puppet-graphite to cleanup old,
un-updated stats and directories.
Change-Id: Iac4676ae0ea1d5f1b96b6214ab6ab193c71a2d20
This is the storage-schemas configuration file currently deployed by
puppet-graphite. Apply it to the container so we maintain the same
retention, etc.
Change-Id: Ia733bf4a958a559ce3921094bb3f0875365157ce
This brings in the settings added with
I87c85f82f6d38506977bc9bf26d34f6e66746b01 to the container deployment.
As noted there, this stops statsd writing null values for sparesly
updated timers and counters.
Change-Id: I14b5ee40fc8efddfb7bad4fad8a8ae66746131d9
This deploys graphite from the upstream container.
We override the statsd configuration to have it listen on ipv6.
Similarly we override the ngnix config to listen on ipv6, enable ssl,
forward port 80 to 443, block the /admin page (we don't use it).
For production we will just want to put some cinder storage in
/opt/graphite/storage on the production host and figure out how to
migrate the old stats. The is also a bit of cleanup that will follow,
because we half-converted grafana01.opendev.org -- so everything can't
be in the same group till that is gone.
Testing has been added to push some stats and ensure they are seen.
Change-Id: Ie843b3d90a72564ef90805f820c8abc61a71017d
